Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/38b792-18fb-4bed-990c-e950d87f8e25/1/UkWKB7R6wSYKBpsuiwwV880UfCk.roa
File: UkWKB7R6wSYKBpsuiwwV880UfCk.roa (raw, json)
Hash identifier: pQhrMKgkx/zqcMJYjMVoXY14ZtF5KkWfSepRK8YAXxs=
Subject key identifier: 52:45:8A:07:B4:7A:C1:26:0A:06:9B:2E:8B:0C:15:F3:CD:14:7C:29
Certificate issuer: /CN=b215cd8e6db35441984d9c7dfc9afb653e55dff1
Certificate serial: 01941F8C2F94F63C2A6F75D92C7250B9680B
Authority key identifier: B2:15:CD:8E:6D:B3:54:41:98:4D:9C:7D:FC:9A:FB:65:3E:55:DF:F1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/shXNjm2zVEGYTZx9_Jr7ZT5V3_E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/38b792-18fb-4bed-990c-e950d87f8e25/1/UkWKB7R6wSYKBpsuiwwV880UfCk.roa
Signing time: Wed 01 Jan 2025 01:47:48 +0000
ROA not before: Wed 01 Jan 2025 01:47:48 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 25091
IP address blocks: 192.162.204.0/23 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:2f:94:f6:3c:2a:6f:75:d9:2c:72:50:b9:68:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b215cd8e6db35441984d9c7dfc9afb653e55dff1
Validity
Not Before: Jan 1 01:47:48 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=52458a07b47ac1260a069b2e8b0c15f3cd147c29
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:92:85:51:ff:d6:aa:30:86:8b:3c:57:1b:9a:
0f:25:7b:e1:4d:e4:17:e6:21:9e:94:e7:1b:42:03:
f5:e4:a7:c9:69:56:f4:b3:67:8c:0f:26:cc:d0:b2:
2a:23:ae:3f:55:99:02:ed:87:e8:a2:17:3e:75:66:
88:c7:c0:23:72:ab:a4:de:f0:3f:63:dc:e3:60:ad:
fd:6d:7d:b1:e6:97:60:e1:94:60:73:78:51:d1:00:
90:cb:f1:d5:d3:4b:1d:67:ce:35:56:c8:2d:78:cd:
5f:76:85:6a:d9:da:2b:c9:fe:6b:74:8b:d5:70:f4:
c6:84:d7:13:dc:db:62:b9:54:69:08:c4:c1:64:83:
2d:42:03:91:47:5e:66:10:57:fd:cc:29:0f:b2:d1:
87:b5:0e:d4:d1:70:fa:5d:59:75:c8:49:f0:c1:79:
ee:cf:22:84:92:35:2c:79:f8:41:1c:d9:46:6c:dd:
a0:b1:e9:81:dc:5b:28:bf:8a:45:ad:7b:d3:57:46:
83:8d:4d:f1:e0:6d:85:c3:d1:26:c1:04:69:76:b0:
c3:68:e6:21:ea:17:3f:5c:ee:37:33:28:82:e9:eb:
2b:12:6e:9a:f5:c9:05:e5:19:84:cb:f8:a3:bc:7e:
5b:bb:95:ee:89:ec:cf:d2:fd:b4:67:2f:74:b0:52:
0b:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:45:8A:07:B4:7A:C1:26:0A:06:9B:2E:8B:0C:15:F3:CD:14:7C:29
X509v3 Authority Key Identifier:
keyid:B2:15:CD:8E:6D:B3:54:41:98:4D:9C:7D:FC:9A:FB:65:3E:55:DF:F1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/shXNjm2zVEGYTZx9_Jr7ZT5V3_E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/38b792-18fb-4bed-990c-e950d87f8e25/1/UkWKB7R6wSYKBpsuiwwV880UfCk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/38b792-18fb-4bed-990c-e950d87f8e25/1/shXNjm2zVEGYTZx9_Jr7ZT5V3_E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.162.204.0/23
Signature Algorithm: sha256WithRSAEncryption
2f:0e:06:e6:1f:35:c5:4b:d9:ea:ab:4c:60:e4:7f:f6:de:62:
e5:ba:2c:f7:12:ab:f8:b0:fc:65:e5:e4:83:af:72:cd:da:80:
19:eb:e9:34:56:3b:f1:d9:bb:ce:96:c5:8b:e9:13:3e:04:16:
94:02:70:31:ff:80:43:bd:48:b7:f3:da:2b:5b:ba:37:ca:7a:
0f:db:ae:36:ec:8d:86:82:b7:08:01:e0:d1:77:5f:c5:4a:83:
f3:62:d4:a1:7c:6c:a4:b3:02:8a:71:8c:53:f7:6c:ad:08:92:
f5:26:53:5f:e1:a3:24:dd:f9:31:52:4a:52:03:f7:c7:fa:62:
43:2c:80:cf:1e:4c:11:61:f6:47:9c:f5:e7:99:e6:e5:a0:9e:
14:54:67:46:e5:02:b8:a6:34:5e:be:07:cb:e3:d0:49:5b:19:
05:f0:e1:5a:d7:41:f5:1d:27:93:be:65:13:6c:fd:cc:46:db:
fb:c7:02:08:7a:ba:f2:1c:93:0c:40:f5:4e:da:43:4b:07:f5:
be:b4:97:fa:05:43:58:e4:bd:b0:40:fb:f9:f5:7d:90:5a:43:
21:d0:cf:f5:31:65:98:8d:2e:13:3b:18:b9:7d:36:3f:42:12:
ae:25:c0:ef:4f:99:0d:d8:fe:51:58:26:62:28:f7:20:a6:1e:
59:31:56:31
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQfjC+U9jwqb3XZLHJQuWgLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyMTVjZDhlNmRiMzU0NDE5ODRkOWM3ZGZjOWFmYjY1M2U1
NWRmZjEwHhcNMjUwMTAxMDE0NzQ4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MjQ1OGEwN2I0N2FjMTI2MGEwNjliMmU4YjBjMTVmM2NkMTQ3YzI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl5KFUf/WqjCGizxXG5oPJXvhTeQX
5iGelOcbQgP15KfJaVb0s2eMDybM0LIqI64/VZkC7Yfoohc+dWaIx8Ajcquk3vA/
Y9zjYK39bX2x5pdg4ZRgc3hR0QCQy/HV00sdZ841VsgteM1fdoVq2doryf5rdIvV
cPTGhNcT3NtiuVRpCMTBZIMtQgORR15mEFf9zCkPstGHtQ7U0XD6XVl1yEnwwXnu
zyKEkjUsefhBHNlGbN2gsemB3Fsov4pFrXvTV0aDjU3x4G2Fw9EmwQRpdrDDaOYh
6hc/XO43MyiC6esrEm6a9ckF5RmEy/ijvH5bu5XuiezP0v20Zy90sFILkwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFJFige0esEmCgabLosMFfPNFHwpMB8GA1UdIwQY
MBaAFLIVzY5ts1RBmE2cffya+2U+Vd/xMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2hYTmptMnpWRUdZVFp4OV9KcjdaVDVWM19FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS8zOGI3OTItMThmYi00YmVkLTk5MGMt
ZTk1MGQ4N2Y4ZTI1LzEvVWtXS0I3UjZ3U1lLQnBzdWl3d1Y4ODBVZkNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS8zOGI3OTItMThmYi00YmVkLTk5MGMtZTk1MGQ4N2Y4ZTI1
LzEvc2hYTmptMnpWRUdZVFp4OV9KcjdaVDVWM19FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwKLMMA0G
CSqGSIb3DQEBCwUAA4IBAQAvDgbmHzXFS9nqq0xg5H/23mLluiz3Eqv4sPxl5eSD
r3LN2oAZ6+k0Vjvx2bvOlsWL6RM+BBaUAnAx/4BDvUi389orW7o3ynoP26427I2G
grcIAeDRd1/FSoPzYtShfGykswKKcYxT92ytCJL1JlNf4aMk3fkxUkpSA/fH+mJD
LIDPHkwRYfZHnPXnmebloJ4UVGdG5QK4pjRevgfL49BJWxkF8OFa10H1HSeTvmUT
bP3MRtv7xwIIerryHJMMQPVO2kNLB/W+tJf6BUNY5L2wQPv59X2QWkMh0M/1MWWY
jS4TOxi5fTY/QhKuJcDvT5kN2P5RWCZiKPcgph5ZMVYx
-----END CERTIFICATE-----
Generated at Tue Apr 8 03:29:25 2025 by rpki-client